Microsoft has accidentally leaked the keys to the kingdom, permitting attackers to unlock devices protected by Secure Boot — and it may not be possible to fully resolve the leak.

The design flaw in the Windows operating system can be used to unlock Windows devices, including smartphones and tablets, which are otherwise protected by Secure Boot in order to run operating systems other than Windows on locked down systems.

This, in turn, allows someone with admin rights or an attacker with physical access to a machine not only to bypass Secure Boot and run any operating system they wish, such as Linux or Android, but also permits the installation and execution of bootkit and rootkits at the deepest level of the device, security researchers MY123 and Slipstreamrevealed in a blog post on Tuesday.

At Wordfence we track attacks across all our customer sites, both free and paid to learn more about attacker tactics, techniques and procedures (TTP’s). Mining this data helps us improve Wordfence Firewall, Wordfence’s Scan and our other features and to do a better job of keeping you safe. We use a large distributed cluster to mine […]

A security researcher has devised a tool capable of compromising hotel room keys, giving attackers entry — and can also tamper with point-of-sale (PoS) systems to boot.

Rapid7 security researcher Weston Hacker revealed the tool at Black Hat USA, which can be made with off-the-shelf components and cost only $6 to build.

As reported by Forbes, the device can read and duplicate hotel keys, but if a cyberattacker is really keen on disrupting a hotel chain, the $6 tool can also be used to “brute force” attack every guest room in the building — by guessing the keys to each room